Description of Problem:
The most recent version of xinetd on the updates.redhat.com and mirror sites
listens on a high number port (24452 I believe). When I connected to this
port using telnet, I found a shell with root access priveleges. The loopback
address was allowed to connect without any user or password. All other
addresses that I tried were immediately disconnected, but I only tried a few.
Version-Release number of selected component (if applicable):
xinetd-2.3.3-1
How Reproducible:
Install the package
Steps to Reproduce:
1. Install the package
ftp://updates.redhat.com/7.0/en/os/i386/xinetd-2.3.3-1.i386.rpm
2. start xinetd (/etc/rc.d/init.d/xinetd start)
3. connect to the high number port it listens on (telnet localhost 24452)
Actual Results:
Root priveleges to anyone with shell access (and maybe more)
Expected Results:
A security update that improves security
Additional Information:
I found the same package in the 7.1 directory of the updates and didn't look
at the 7.2 directory or any others.